From cc512947c9e1744c5541252c7cc934ebcd2e6961 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sun, 9 Nov 1997 20:42:47 +0000 Subject: byteorder.h : typecasting for the debug messages of the data dump. hm. #ifdef NTDOMAIN ntclient.c rpc_pipes/lsaparse.c rpc_pipes/ntclientnet.c rpc_pipes/smbparse.c : adding "Net Server Password Set" functionality to smbclient. #endif (This used to be commit ad43183d2dd62a808c9fba03f81562362d4de713) --- source3/client/ntclient.c | 115 +++++++++++++++++++++++++++++----------------- 1 file changed, 72 insertions(+), 43 deletions(-) (limited to 'source3/client') diff --git a/source3/client/ntclient.c b/source3/client/ntclient.c index a32f6e690d..8d1ad0e8eb 100644 --- a/source3/client/ntclient.c +++ b/source3/client/ntclient.c @@ -40,13 +40,12 @@ extern pstring workgroup; check workstation trust account status ************************************************************************/ BOOL wksta_trust_account_check(struct in_addr dest_ip, char *dest_host, - char *myhostname, char *domain) + char *myhostname, char *domain, + fstring mach_pwd, fstring new_mach_pwd) { pstring tmp; struct cli_state wksta_trust; fstring mach_acct; - fstring mach_pwd; - fstring new_mach_pwd; uchar lm_owf_mach_pwd[16]; uchar nt_owf_mach_pwd[16]; uchar lm_sess_pwd[24]; @@ -88,8 +87,8 @@ BOOL wksta_trust_account_check(struct in_addr dest_ip, char *dest_host, if (!server_connect_init(&wksta_trust, myhostname, dest_ip, dest_host)) { - int err_cls; - int err_num; + uint8 err_cls; + uint32 err_num; cli_error(&wksta_trust, &err_cls, &err_num); DEBUG(1,("server_connect_init failed (%s)\n", cli_errstr(&wksta_trust))); @@ -109,17 +108,17 @@ BOOL wksta_trust_account_check(struct in_addr dest_ip, char *dest_host, lm_sess_pwd, sizeof(lm_sess_pwd), nt_sess_pwd, sizeof(nt_sess_pwd))) { - int err_cls; - int err_num; + uint8 err_cls; + uint32 err_num; cli_error(&wksta_trust, &err_cls, &err_num); - if (err_cls == 0xC000 && err_num == NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT) + if (err_num == (0xC0000000 | NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)) { DEBUG(1,("server_validate: valid workstation trust account exists\n")); right_error_code = True; } - if (err_cls == 0xC000 && err_num == NT_STATUS_NO_SUCH_USER) + if (err_num == (0xC0000000 | NT_STATUS_NO_SUCH_USER)) { DEBUG(1,("server_validate: workstation trust account does not exist\n")); right_error_code = False; @@ -149,6 +148,10 @@ BOOL do_nt_login(struct in_addr dest_ip, char *dest_host, DOM_CHAL auth2_srv_chal; + DOM_CRED srv_pwset_clnt_cred; + DOM_CRED srv_pwset_rtn_cred; + DOM_CRED srv_pwset_srv_cred; + DOM_CRED sam_logon_clnt_cred; DOM_CRED sam_logon_rtn_cred; DOM_CRED sam_logon_srv_cred; @@ -166,6 +169,7 @@ BOOL do_nt_login(struct in_addr dest_ip, char *dest_host, uchar sess_key[8]; char nt_owf_mach_pwd[16]; + char nt_owf_new_mach_pwd[16]; fstring server_name; fstring mach_acct; @@ -204,10 +208,6 @@ BOOL do_nt_login(struct in_addr dest_ip, char *dest_host, return False; } - /************ check workstation trust account *******************/ - - wksta_trust_account_check(dest_ip, dest_host, myhostname, workgroup); - /******************* open the \PIPE\lsarpc file *****************/ if ((fnum = rpc_pipe_open(inbuf, outbuf, PIPE_LSARPC, Client, cnum)) == 0xffff) @@ -300,6 +300,46 @@ BOOL do_nt_login(struct in_addr dest_ip, char *dest_host, + /************ Check workstation trust account *******************/ + + /* default machine password is lower-case machine name (really secure) */ + fstrcpy(mach_pwd, myhostname); + strlower(mach_pwd); + + wksta_trust_account_check(dest_ip, dest_host, myhostname, workgroup, mach_pwd, new_mach_pwd); + + /************ Long-term Session key (default) **********/ + + { + char lm_owf_mach_pwd[16]; +#ifdef DEBUG_PASSWORD + DEBUG(100,("generating nt owf from initial machine pwd: %s\n", mach_pwd)); +#endif + nt_lm_owf_gen( mach_pwd, nt_owf_mach_pwd , lm_owf_mach_pwd ); + } + +#ifdef DEBUG_PASSWORD + dump_data(6, nt_owf_mach_pwd, 16); +#endif + + /* calculate the session key */ + cred_session_key(&clnt_chal, &srv_chal, nt_owf_mach_pwd, sess_key); + + /*********** next new trust account password ************/ + { + char lm_owf_new_mach_pwd[16]; +#ifdef DEBUG_PASSWORD + DEBUG(100,("generating nt owf from new machine pwd: %s\n", new_mach_pwd)); +#endif + nt_lm_owf_gen(new_mach_pwd, nt_owf_new_mach_pwd, lm_owf_new_mach_pwd); + } + +#ifdef DEBUG_PASSWORD + dump_data(6, nt_owf_new_mach_pwd, 16); +#endif + + + /******************* open the \PIPE\NETLOGON file *****************/ if ((fnum = rpc_pipe_open(inbuf, outbuf, PIPE_NETLOGON, Client, cnum)) == 0xffff) @@ -336,35 +376,6 @@ BOOL do_nt_login(struct in_addr dest_ip, char *dest_host, return False; } - /************ Long-term Session key (default) **********/ - -#if 0 - /* DAMN! can't get the machine password - need become_root() to do it! */ - /* get the machine password */ - if (!get_md4pw(mach_acct, nt_owf_mach_pwd)) - { - cli_smb_close(inbuf, outbuf, Client, cnum, fnum); - free(inbuf); free(outbuf); - return False; - } - - DEBUG(5,("got nt owf from smbpasswd entry: %s\n", mach_pwd)); -#else - - { - char lm_owf_mach_pwd[16]; - nt_lm_owf_gen(mach_pwd, nt_owf_mach_pwd, lm_owf_mach_pwd); - DEBUG(5,("generating nt owf from initial machine pwd: %s\n", mach_pwd)); - } - -#endif - - dump_data(6, nt_owf_mach_pwd, 16); - - /* calculate the session key */ - cred_session_key(&clnt_chal, &srv_chal, nt_owf_mach_pwd, sess_key); - - /******************* Authenticate 2 ********************/ /* calculate auth-2 credentials */ @@ -379,8 +390,26 @@ BOOL do_nt_login(struct in_addr dest_ip, char *dest_host, return False; } + /**************** Net Server Password Set **************/ + + clnt_cred.timestamp.time = srv_pwset_clnt_cred.timestamp.time = time(NULL); + + /* calculate sam logon credentials, using the auth2 client challenge */ + cred_create(sess_key, &(clnt_cred.challenge), srv_pwset_clnt_cred.timestamp, + &(srv_pwset_clnt_cred.challenge)); + + /* send client srv_pwset challenge; receive a srv_pwset challenge */ + if (!do_lsa_srv_pwset(fnum, ++call_id, sess_key, + dest_host, mach_acct, 2, myhostname, + &srv_pwset_clnt_cred, &srv_pwset_srv_cred, + nt_owf_new_mach_pwd)) + { + cli_smb_close(inbuf, outbuf, Client, cnum, fnum); + free(inbuf); free(outbuf); + return False; + } - /*********************** SAM Info ***********************/ + /****************** SAM Info Preparation *******************/ { char lm_owf_user_pwd[16]; -- cgit